Firewall Wizards mailing list archives
Re: Scare Me !!
From: Ken Hardy <ken () bridge com>
Date: Fri, 11 Jun 1999 14:23:23 -0500 (CDT)
I got a call from someone concerned that I was giving away my (weak) security profile. Fortunately, that's not the case; I was saying what some people think, not what we've got implemented (though I suppose this disclaimer won't stop the script-kiddies from trying.) I may have been overly dramatic in my examples, but it's a fact that I'm constantly dealing w/ folks who don't understand the battlefield. Getting them to recognize that there's a war is what I'm after. The SANS Institute looks better than the last time I checked it out. (Or maybe it's not the same site I'm thinking of.) I might put together a page with links to that as well as to phrack, 2600, rootshell, &c. Any further suggestions along those lines (or better) are still appreciated. - KH On Thu, 10 Jun 1999, Ken Hardy wrote:
I need to induce a healthy respect for Internet dangers into some folks around here. I know the dangers, or enough of them, but it's wearing to try to educate one after another exec, network tech, etc. In addition to the regular sort of security literature, a list of real-life (or very possible) security incidents that could help foster a healthy respect for the potential dangers might be real useful. An internet shop of horrors website, perhaps. I'd appreciate anything useful in this regard. I'm trying to reach the sort of people who think that a) we have a firewall so we're safe; b) a packet filter is a firewall (even if all ports >1024 are open!); c) desktop modems are nothing to worry about; d) we *need* to support the impossible-to-defend protocols of the latest whiz-bang internet app through the firewall; e) policy? we don't need no stinkin' policy; f) etc., etc., etc. -- KH
Current thread:
- RE: Scare Me !! Waszak, Thomas (Jun 14)
- RE: Scare Me !! Joseph Judge (Jun 15)
- RE: Scare Me !! Jody C. Patilla (Jun 15)
- RE: Scare Me !! Joseph Judge (Jun 20)
- RE: Scare Me !! Marcus J. Ranum (Jun 15)
- RE: Scare Me !! Eric Budke (Jun 20)
- RE: Scare Me !! Joseph Judge (Jun 20)
- RE: Scare Me !! Jody C. Patilla (Jun 15)
- <Possible follow-ups>
- RE: Scare Me !! andrew . c . howard (Jun 14)
- RE: Scare Me !! sean . kelly (Jun 14)
- Scare Me !! Ken Hardy (Jun 14)
- Re: Scare Me !! Ken Hardy (Jun 14)
- Re: Scare Me !! Lance Spitzner (Jun 14)
- Re: Scare Me !! Alec Muffett (Jun 14)
- Re: Scare Me !! Technical Incursion Countermeasures (Jun 15)
- Re: Scare Me !! Technical Incursion Countermeasures (Jun 15)
- RE: Scare Me !! Copp, Carlton (Jun 15)
- RE: Scare Me !! Feeney, Tim (Jun 15)
- RE: Scare Me !! Joe Pung (Jun 20)
- RE: Scare Me !! Waszak, Thomas (Jun 15)
- Re: Scare Me !! Joseph S D Yao (Jun 16)
- Re: Scare Me !! Robert Graham (Jun 20)
- RE: Scare Me !! Joseph Judge (Jun 15)